Info. Security Manager in Herndon, VA at General Dynamics Information Technology

Date Posted: 8/12/2019

Job Snapshot

Job Description

  • Provide support for a program, organization, systems or enclaves. Support the Agency RMF Workflow and Processes by proposing, coordinating, implementing and enforcing information system security policies, instructions, standards, and methodologies.
  • Performs all procedures necessary to ensure the safety of information systems assets and to protect systems from intentional or inadvertent access or destruction.
  • Coordinate with the Data Custodian, Project Owner, and ISSM to identify the types of information processed, assign the appropriate security categorizations to the information systems, determine the information security and privacy impacts, and manage information security and privacy risk.  Document the controls in the information security and privacy plan (or equivalent document) to ensure implemented controls meet or exceed the minimal controls defined by CISO guidance.
  • Maintain current system information in XACTA (e.g., POCs, artifacts) to support organizational requirements and processes (e.g., communication, contingency planning, training, data calls)
  • Evaluate the impact of network and system changes using RMF processes.
  • Ensure anomalies identified under the Sponsors Information Security Continuous Monitoring activities are addressed and remediated in a manner that commensurate with the risks posed to the system from the anomalies.
  • Submit recommendations to the stakeholders for system configuration deviations from the required baseline.
  • Develop and maintain a system security plan (SSP)
  • Conduct periodic reviews to ensure compliance with SSP.
  • Ensure configuration management for security-relevant IS software, hardware and firmware is maintained and documented.
  • Ensure system recovery processes are monitored to ensure security features and procedures are properly restored
  • Ensure all IS security-related documentation is current and accessible to properly authorized individuals
  • Formally notify the appropriate individuals when changes occur that might affect authorization
  • Participate in governance and project reviews identified by the Sponsor

#DPOST

#CJPOST

#SWDevIC

#ISDCJ

#ERP

#ComebackGDIT

#OpportunityOwned

#GDITCareers

#GDITLife

#WeAreGDIT

#MKPOLY

|||

Bachelors Degree (in an IT-related field) 

Desired Certifications: Certified Ethical Hacker 10 (CEH), Certified Information Systems Security Professional (CISSP), Certified Information Systems auditor (CISA), NIST Cybersecurity Framework (NCSF)

|||
  • Strong documentation skills
  • Experience with XACTA 360, Continuum and other SCAP Compliant tools
  • Working experience with RMF, ICD 503, CNSSI 1253, NIST SP 800-53/53A, and STIGs
  • Working experience with RMF, ICD 503, CNSSI 1253, NIST SP 800-53/53A, and STIGs
  • Must be a US Citizen 
  

For more than 50 years, General Dynamics Information Technology has served as a trusted provider of information technology, systems engineering, training and professional services to customers across federal, state, and local governments, and in the commercial sector. Over 40,000 GDIT professionals deliver enterprise solutions, manage mission-critical IT programs and provide mission support services worldwide. GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.

','industry